January 10, 2018
No meeting due to Real World Crypto workshop

January 17, 2018
FAME: Fast Attribute-based Message Encryption

Speaker:
Shashank Agrawal

Abstract:
Time and again, attribute-based encryption has been shown to be the natural cryptographic tool for building various types of conditional access systems with far-reaching applications, but the deployment of such systems has been very slow. A central issue is the lack of an encryption scheme that can operate on sensitive data very efficiently and, at the same time, provides features that are important in practice.
In this talk I will present the first fully secure ciphertext-policy and key-policy ABE schemes based on a standard assumption on Type-III pairing groups, which do not put any restriction on policy type or attributes. The schemes are implemented along with several other prominent ones using the Charm library, and perform better on almost all parameters of interest.

Joint Work:
Melissa Chase (Microsoft Research)

Paper:
https://eprint.iacr.org/2017/807

January 24, 2018
No Talk but Lunch due to BPASE workshop

January 31, 2018
TBA

Speaker:
Juan Benet (Filecoin)

Abstract:

February 07, 2018
Incident highlights and going passwordless

Speaker:
Michael Duff (Stanford's CIO)

Abstract:
Stanford's Chief Information Security Officer, Michael Duff, describes the preparations made to deploy client certificate-based authentication campus-wide, which will transform the way University community members access our online services -- improving user experience while simultaneously addressing some of our greatest cybersecurity risks.
Michael also highlights several recent cybersecurity incidents here at Stanford -- how they happened and what we learned from them.

February 14, 2018
A scalable computation oracle for blockchains

Speaker:
Jason Teutsch

Abstract:
Ethereum constitutes one of the most powerful computational resources in the history of mankind, but its "on-chain" smart contracts, which process data and money, run for no more than a fraction of a second. A new system called "TrueBit" bypasses this bottleneck. Its WebAssembly-based architecture and cryptoeconomic incentives allow smart contracts to efficiently outsource computational work to "off-chain" agents while the smart contracts themselves process at most logarithmically many bits of input data and computational steps. I will present an overview of the TrueBit protocol, mention some applications, and discuss foreseeable security challenges. This talk is intended for a general audience, and non-CS blockchain enthusiasts are welcome.

February 21, 2018
Flyclient: Super Light Clients for Cryptocurrencies

Speaker:
Benedikt Bünz

Abstract:
To ensure the validity of transactions, Bitcoin and Ethereum rely on a mechanism to verify if particular transactions are included in the blockchain. For example, each node has to check if the inputs to a transaction are valid coins recorded in the blockchain and the current block belongs to the longest chain in case of a fork. To perform these checks, the node has to download all blocks and verify all of them. Currently, syncing all these data blocks in Bitcoin or Ethereum requires a node to send/receive hundreds of gigabytes of data, taking days for both downloading and verifying.
In Bitcoin, a synchronization mechanism called simplified payment verification (SPV) allows clients with limited resources such as mobile phones and tablets to verify transactions without downloading the entire blocks. SPV clients only download block headers, which are much smaller than the full block (80 bytes vs 1 MB in Bitcoin). However, the storage and bandwidth needed for each light client still increase linearly with the blockchain size. For example, the Ethereum blockchain currently has about 3.5 million blocks; given that each block header is of size 500 bytes, an SPV client in Ethereum would have to download and store more than 1.5 GB to be able to verify any transaction on the Ethereum blockchain.
In this paper, we introduce Flyclient, a novel protocol for light clients in public blockchains. Flyclient allows SPV clients to efficiently and securely verify any transaction with only constant storage and bandwidth requirements. The transaction inclusion proof size is logarithmic in the size of a block and the number of blocks in the chain. At its core, Flyclient utilizes a recently proposed data structure called Merkle Mountain Range which allows SPV clients to verify any transaction with a minimal amount of information. Flyclient also employs an efficient and non-interactive probabilistic verification to reduce the number of block headers needed for the longest-chain verification to a small number that is only logarithmic in the size of the chain. Unlike previously proposed succinct SPV clients, Flyclient resists cheap bribery attacks against miners.